[Secure-testing-commits] r30096 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 17 14:56:05 UTC 2014
Author: carnil
Date: 2014-11-17 14:56:05 +0000 (Mon, 17 Nov 2014)
New Revision: 30096
Modified:
data/CVE/list
Log:
Add CVE-2014-7835/moodle
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-17 14:54:58 UTC (rev 30095)
+++ data/CVE/list 2014-11-17 14:56:05 UTC (rev 30096)
@@ -2215,8 +2215,11 @@
RESERVED
CVE-2014-7836
RESERVED
-CVE-2014-7835
+CVE-2014-7835 [XSS file upload possible through web service]
RESERVED
+ - moodle <unfixed>
+ [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+ NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868
CVE-2014-7834 [Lack of group check in web service for Forum]
RESERVED
- moodle <unfixed>
More information about the Secure-testing-commits
mailing list